Cyber Governance Manager

**BAT is evolving at pace into a global multi-category business. Our purpose is to create A Better Tomorrow by Building a Smokeless World.**
**To achieve our ambition, we are looking for colleagues who are ready to join us on this journey Tomorrow can’t wait, let’s shape it together**

**BAT’s Digital Business Solutions has an exciting opportunity for a Cyber Governance Manager**in Selangor, Malaysia.**

The incumbent will oversee and drive the implementation of an effective cybersecurity governance framework to ensure organizational

compliance with regulatory, industry, and internal cybersecurity policies and standards. This role requires strategic oversight, stakeholder collaboration, and continuous improvement to align the organization's cybersecurity objectives with its business goals.

**Your key responsibilities will include**:

- Develop and implement a comprehensive framework aligned with regulatory and organizational objectives.
- Establish governance bodies to support effective decision-making and accountability across cybersecurity initiatives.
- Craft and maintain cybersecurity policies, standards, and procedures in line with frameworks such as ISO 27001, NIST, and COBIT.
- Ensure compliance with internal policies and external regulations (e.g., GDPR, CCPA, HIPAA).
- Build and present dashboards, KPIs, KRIs, and reports for governance bodies including senior leadership and the Board.
- Lead continuous improvement and automation efforts in cyber governance processes.
- Collaborate with cross-functional teams including Enterprise Risk Management to align cybersecurity risk management practices.
- Support internal and external security audits to evaluate the effectiveness of cyber governance controls.

**What are we looking for?**
- Minimum of 5 years’ experience in cybersecurity governance, risk management, compliance, or related roles.
- Strong knowledge of cybersecurity frameworks and standards (e.g., NIST RMF, ISO 27001, COBIT).
- Hands-on experience with GRC tools (e.g., ServiceNow IRM, RSA Archer).
- Familiarity with regulatory compliance requirements such as GDPR, CCPA, PCI DSS, and SOX.
- Excellent communication skills for interacting with technical and non-technical stakeholders, including executives.
- Proficient in project management and data visualization tools such as Power BI and Excel.
- Demonstrated ability to manage multiple priorities in a fast-paced, matrixed organization.
- Degree in Cybersecurity, IT, or a related field; certifications like CRISC, CISM, CISSP, or CGEIT are highly desirable.

**What we offer you?**
- **Our range of benefits varies by country and includes diverse health plans, initiatives for work-life balance, transportation support, and a flexible holiday plan with additional incentives**:

- **Your journey with us isn't limited by boundaries; it's propelled by your aspirations. Join us at BAT and become a part of an environment that thrives on internal advancement, where your career progression isn't just a statement - it's a reality we're eager to build together. Seize the opportunity and own your development; your next chapter starts here.**:

- **You'll have access to online learning platforms and personalized growth programs to nurture your leadership skills**:

- **We prioritise continuous improvement within a transformative environment, preparing for ongoing changes**

**WHY JOIN BAT?**
**We’re one of the few companies named as a Global Top Employer by the Top Employers Institute - certified in offering excellent employee conditions.**

**Collaboration, inclusion and partnership underpin everything we do here at BAT. We are looking forward to enabling every individual to thrive, regardless of gender, sexual orientation, marital or civil partnership status, gender reassignment, race, religion or belief, colour, nationality, ethnic or national origin, disability, age, skills, experience, education, socio-economic and professional background, veteran status, perspectives and thinking styles. We know that embracing talent from all backgrounds is what makes us stronger and best prepared to meet our business goals.**

**We see the career breaks as opportunities not obstacles. Through The Global Returners program, we support professionals looking to restart their careers after an extended absence from the workforce (e.g. time out caring for family, parental leave, national service, sabbatical and/or starting an own venture).**

**Come bring your difference and see what is possible for you at BAT. Learn more about our culture and our award winning employee experience**here**.**

**If you require any reasonable adjustments or accommodations to help you perform at your best during the recruitment process, you are encouraged to notify us. We are fully committed to support you by making appropriate arrangements for you to demonstrate your full potential.